//package com.dries.portal.admin.service.impl;
//
//import com.dries.portal.admin.bo.AdminUserDetails;
//import com.dries.portal.admin.service.IRbacService;
//import org.springframework.security.core.Authentication;
//import org.springframework.security.core.GrantedAuthority;
//import org.springframework.stereotype.Component;
//import org.springframework.util.AntPathMatcher;
//
//import javax.servlet.http.HttpServletRequest;
//import java.util.Collection;
//import java.util.HashSet;
//import java.util.Set;
//
///**
// * @Description:
// * @Author ZSY
// * @createTime 2020/9/22 15:03
// */
//@Component("rbacService")
//public class RbacServiceImpl implements IRbacService {
//
//    private final AntPathMatcher antPathMatcher = new AntPathMatcher();
//
//    @Override
//    public boolean hasPermission(HttpServletRequest request, Authentication authentication) {
//
//        Object principal = authentication.getPrincipal();
//        boolean hasPermission = false;
//
//        if (principal instanceof AdminUserDetails) {
//            // 如果用户名是admin，就永远返回true
//            String username = ((AdminUserDetails) principal).getUsername();
//            if(username.equals("admin")) {
//                hasPermission = true;
//            } else {
//                // 读取用户所拥有权限的所有URL
//                ((AdminUserDetails) principal).getAuthorities();
//
//                for (String url : urls) {
//                    if (antPathMatcher.match(url, request.getRequestURI())) {
//                        hasPermission = true;
//                        break;
//                    }
//                }
//            }
//
//        }
//
//        return hasPermission;
//    }
//}
